(1) Establish what data and processes are important and essential to the company. Determine what external and internal information is essential to the different employee roles in the company.
(2) Conduct a security audit and create a risk assessment analysis.
(3) Establish what legal/governmental/industry standards need to be adhered to and which international standards are relevant.
(4) Conduct a business impact analysis and determine a disaster recovery and business continuity plan.
(5) Create a security policy that defines an acceptable use policy, authorization policies and processes.
(6) Plan for any change management needed.
(7) Determine how the success of your policy will be measured and set up means for measuring this.
(8) Implement such policies.
(9) Measure and evaluate the effectiveness of the policy and make any additional adjustments.
Week 4
Terms in this set (10)
Among the most frequent Internet attacks, which of the following is not true?
Brute force attacks result in stolen smartphones, laptops, etc.
Among the following descriptions of 3G (3rd Generation) Firewalls, which is incorrect?
3G firewalls track state changes in IPv4 and IPv6, but do not track TCP or UDP changes
Among the following descriptions of how to prevent an attack, which is incorrect?
Backdoor attacks can be defended by frequent replacing of Internet switches and routers
Among the following, which is not a type of IDS (Intrusion Detection System)?
Location-based IDS
Among the following listed, which is not a Phishing type?
Fishing Phishing
Among the following descriptions of Buffer Overflow, which is incorrect?
USB overflow is a type of buffer overflow that the attacker fills up one's portable USB such that no more files can be saved on the USB memory device
Among the following Internet security and threat issues, which is not true?
Companies that receive a cyber attack are seldom attacked again
Among the following Internet security and protection schemes, which is not true?
Botnets are used as a countermeasure to defend against zombie computers
Which of the following statements on Internet security and protection is incorrect?
WPA2 certified Wi-Fi devices are rare to find in new Wi-Fi AP (Access Point) products
Which of the following statements on Internet security and protection is incorrect?
Due to the vulnerabilities of WPA (Wi-Fi Protected Access), it was replaced with the new WEP (Wired Equivalent Privacy) protocol